FREE THOUGHT · FREE SOFTWARE · FREE WORLD

PHP Session File Hacks

What they say about kung-fu is true..

It can be attained by anyone through hard work over time. You can become as good as the amount of work you put in. Here's a short look at a basic technique that I use. Simply reverse engineering the source code and taking notes along the way...

static void php_session_send_cookie(TSRMLS_D)
  if (SG(headers_sent)) {
          if (output_start_filename) {
                  php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent by (output started at %s:%d)",
                          output_start_filename, output_start_lineno);
          } else {
                  php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot send session cookie - headers already sent");
          }
          return;
  }

  /* URL encode session_name and id because they might be user supplied */
  e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name)), NULL);

PHP

Redirecting RSS to Feedburner

FeedBurner, the best syndication company in the worldFeedBurner is so RAD! I love it. Here's an alternative method to redirect scrapers and feed requests to your feedburner url, in my case, I use Branding by feedburner, which is so hot, taking advantage of CNAMEs in your DNS record.

Htaccess

The REAL Way to Optimize AdSense

AdSense Optimized using Colors and PositionOptimizing the position, color, and size of AdSense Ads is confusing. The REAL way to optimize AdSense for clicks and revenue is using variations and measuring the results.

WordPress

Custom PHP.ini with FastCGI on DreamHost

I'm really sorry but I had to disable the sites you had running under user $USER because that was the only way I could keep the associated processes from restarting themselves and making the server unstable. Please do not run these sites with a persistent php.cgi process with a php.ini file as an argument.

Shell Scripting

Racing the Windows XP ACL demon

Both of these pcs were behind a hardware/software firewall, and so each had their own host names, we'll say PEPSI and COKE, and they were both on a private network on the same subnet, so each belonged to a domain called MARKETING.

Hacking

Robots.txt Secrets From Matt Cutts

Watch out googlebots got a weapon!The secrets in this post were really more of enlightening bits of seo wisdom. The secret is how to combine robots.txt with meta robots tags to control pagerank, juice, whatever.

SEO

WordPress robots.txt SEO

WordPress robots.txt file can make a huge impact on your WordPress blogs traffic and search engine rank. This is an SEO optimized robots.txt file.

SEO

Pen-testing Security Tools

While testing the exploitability of your target and mapping out vulnerabilities it is important to gain access inside the targets defenses so that you can establish an internal foothold like a owned box or switch. This is so you can use a tool to discover the packet-filtering being used, and literally map out the firewall/IDS rules. Needless to say that really provides you with a lot more complete vulnerability assessment to help discover more weak spots in the system.

Security

Changing Any Password On XP

This quick tutorial will show you the steps to change and reset any user password on a windows computer, and also show you how to protect your computer from people doing this to you!

Hacking

PHP to handle HTTP Status Codes for ErrorDocument

Fast, HTTP Protocol, protection. If you are reading this article, you already know enough about the benefits of making sure your site can handle HTTP Protocol Errors. This is a nice single php file with no dependencies or requirements, will work on anything. Optimized for minimizing bandwidth and resource-hogging connections from bots and spambots.

<?php
ob_start();
@set_time_limit(5);
@ini_set('memory_limit', '64M');
@ini_set('display_errors', 'Off');
error_reporting(0);

PHP

Creating an Offline Version of Page

I can do anythingSo, here's what I hacked together last night, that is being used today. It's essentially 2 files.

  1. A php file that scrapes uses curl to scrape all the urls for the page (favicon, css, images, pdfs, etc..)
  2. A simple bash shell script acting as a cgi that creates a zip file of all the urls, and a self-extracting exe file for those without a winzip tool

PHP

Redirect index.php to root

WordPress blogs show the same duplicate content for https://www.askapache.com/index.php and https://www.askapache.com/. If you've read about using a robots.txt file for WordPress SEO, than you already understand this setup results in Duplicate Content penalties being levied against your Blog and Web Site by Search Engines.

Htaccess

mod_rewrite Fix for Caching Updated Files

Web Developers sometimes use file.ext?v=004 as a version control system to force visitors to use updated files. This is terrible. Instead link to apache-003.css and set it to be cached forever. When you change the file you just change the links to apache-004.css. That eliminates millions of bandwidth and resource robbing If-Modified-Since requests. You only need Apache with mod_rewrite, and 1-10 minutes!

Htaccess

Port Redirector

can you please suggest me any tiny and good port redirector for linux and unix like oses ? so that when I connect to the box to a given port it redirects my connection to another box and port that I can chose ? thanx a lot

Security

PullQuotes using CSS

CSS, no javascript pullquote not blockquoteI looked at a lot of different ways to display quotes and pullquotes and even though the javascript solutions are very nice, esp. the 456bereastreet.com solution, I decided to just use CSS (Keep It Simple Stupid).

CSS

Discover who’s tracking you online with Collusion

collusion firefox addonThe collusion add-on for Firefox is super-legit. Just navigate to any website normally, then just click the little collusion icon in the status bar and a full detailed report pops up in a new tab describing all the sites that the current site shared your data with (shared as in connected).

View the full introduction to Collusion on mozilla.org, or view my Firefox Add-on Collection: AskApache Web Development (Advanced)

Software

PHP and AJAX shell console

Ever wanted to execute commands on your server through php? Now you can. I'm calling this file (see below) shell.php and it allows you to run commands on your web server with the same permissions that your php executable has.

Hacking